CVE-2015-3844
- EPSS 0.55%
- Veröffentlicht 01.10.2015 00:59:24
- Zuletzt bearbeitet 06.05.2026 22:30:45
The getProcessRecordLocked method in services/core/java/com/android/server/am/ActivityManagerService.java in ActivityManager in Android before 5.1.1 LMY48I allows attackers to trigger incorrect process loading via a crafted application, as demonstrat...
CVE-2015-3843
- EPSS 1.54%
- Veröffentlicht 01.10.2015 00:59:23
- Zuletzt bearbeitet 06.05.2026 22:30:45
The SIM Toolkit (STK) framework in Android before 5.1.1 LMY48I allows attackers to (1) intercept or (2) emulate unspecified Telephony STK SIM commands via an application that sends a crafted Intent, related to com/android/internal/telephony/cat/AppIn...
CVE-2015-3842
- EPSS 1.44%
- Veröffentlicht 01.10.2015 00:59:22
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple heap-based buffer overflows in libeffects in the Audio Policy Service in mediaserver in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application, aka internal bug 21953516.
CVE-2015-3837
- EPSS 1.49%
- Veröffentlicht 01.10.2015 00:59:21
- Zuletzt bearbeitet 06.05.2026 22:30:45
The OpenSSLX509Certificate class in org/conscrypt/OpenSSLX509Certificate.java in Android before 5.1.1 LMY48I improperly includes certain context data during serialization and deserialization, which allows attackers to execute arbitrary code via an ap...
- EPSS 2.8%
- Veröffentlicht 01.10.2015 00:59:20
- Zuletzt bearbeitet 06.05.2026 22:30:45
The Parse_wave function in arm-wt-22k/lib_src/eas_mdls.c in the Sonivox DLS-to-EAS converter in Android before 5.1.1 LMY48I does not reject a negative value for a certain size field, which allows remote attackers to execute arbitrary code or cause a ...
CVE-2015-3835
- EPSS 1.77%
- Veröffentlicht 01.10.2015 00:59:19
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer overflow in the OMXNodeInstance::emptyBuffer function in omx/OMXNodeInstance.cpp in libstagefright in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted application, aka internal bug 20634516.
- EPSS 1.22%
- Veröffentlicht 01.10.2015 00:59:18
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple integer overflows in the BnHDCP::onTransact function in media/libmedia/IHDCP.cpp in libstagefright in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application that uses HDCP encryption, leading to a hea...
CVE-2015-3833
- EPSS 0.7%
- Veröffentlicht 01.10.2015 00:59:17
- Zuletzt bearbeitet 06.05.2026 22:30:45
The getRunningAppProcesses function in services/core/java/com/android/server/am/ActivityManagerService.java in Android before 5.1.1 LMY48I allows attackers to bypass intended getRecentTasks restrictions and discover the name of the foreground applica...
- EPSS 2.88%
- Veröffentlicht 01.10.2015 00:59:16
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via invalid size values of NAL units in MP4 data, aka internal bug 19641538.
CVE-2015-3831
- EPSS 1.46%
- Veröffentlicht 01.10.2015 00:59:14
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer overflow in the readAt function in BpMediaHTTPConnection in media/libmedia/IMediaHTTPConnection.cpp in the mediaserver service in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted application, aka internal bu...